On Thu, Aug 30, 2012 at 10:21:35AM +0200, Sébastien Marie wrote: > On Wed, Aug 29, 2012 at 09:34:22PM +0200, Patrick Lamaiziere wrote: > > Le Wed, 29 Aug 2012 09:59:46 +0200, > > Sebastien Marie <semarie-open...@latrappe.fr> a écrit : > > Hello, > > > > > > I currently follow STABLE branch for openbsd (and so, for ports too), > > > which is OPENBSD_5_1. > > > > > > But, I saw that the last security updates for ports go to OPENBSD_5_2 > > > and not to OPENBSD_5_1. > > > > Any examples ? The probleme may not be present in 5.1. > > > > databases/postgresql > version 9.1.4 (in OPENBSD_5_1) is vulnerable to CVE-2012-3488 and > CVE-2012-3489 > CVE-2012-3488 : insecure use of xslt (xslt is in contrib, so need > activation) > CVE-2012-3489 : insecure use of libxml2 (XXE possible) > > OPENBSD_5_2 has upgraded from 9.1.4 to 9.1.5
I have an update for this and I will commit it asap (lack of time..) -- Pierre-Emmanuel André <pea at raveland.org> GPG key: 0x7AE329DC
